KYC limitations

KYC verification has been the cornerstone of crypto exchange compliance for a decade. It is effective at one thing: establishing that the person who submitted documents matches the identity they claimed at onboarding. It does nothing to detect what happens next. Account takeovers, SIM swaps, and compromised credentials allow attackers to operate behind a fully KYC-verified identity — invisible to document-based checks.

In our 2025 crypto fraud analysis, 67% of confirmed fraud incidents involved accounts that had passed full KYC verification. The fraud happened post-onboarding, through behaviour that deviated from the account's established baseline.

Behavioral signals

Behavioural scoring builds a continuous model of normal activity for each account: trading patterns, withdrawal amounts and frequencies, login times and locations, session durations, and navigation sequences. Deviations from this baseline — not just rule violations — trigger risk escalation.

Implementation

Serixo's behavioural engine requires 14 days of baseline data per account before producing high-confidence scores. During the warmup period, scores are supplemented by cohort-level baselines (similar accounts by registration date, geography, and trading volume). The full signal set runs on the standard Serixo event stream with no additional instrumentation.

Results

Future of identity

The trajectory is clear: document-based identity verification is necessary but not sufficient. The next generation of crypto compliance will be built on continuous behavioural attestation — proving not just who you are at onboarding, but that the account continues to be operated by its verified owner on every session. Serixo's behavioural engine is designed to be that continuous layer, running silently underneath your existing KYC infrastructure.